Update to #StopRansomware Advisory on ALPHV Blackcat – TLP: CLEAR

TLP: CLEAR

CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have released an update to the joint advisory #StopRansomware: ALPHV Blackcat to provide new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the ALPHV Blackcat ransomware as a service (RaaS). ALPHV Blackcat affiliates have been observed primarily targeting the healthcare sector.

CISA, the FBI, and HHS urge network defenders to review the updated joint advisory to protect and detect against malicious activity. All organizations are encouraged to share information on incidents and anomalous activity by contacting any of the following organizations:

CISA’s Incident Reporting System or through the agency’s 24/7 Operations Center at report@cisa.gov or (888) 282-0870.
MS- and EI-ISAC, through their 24/7 Operations Center at soc@msisac.org or (866) 787-4722.
The FBI via your local FBI field office, or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.

For more on ransomware, visit stopransomware.gov.

Multi-State Information Sharing and Analysis Center (MS-ISAC)

Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)

31 Tech Valley Drive

East Greenbush, NY 12061

24×7 Security Operations Center

SOC@cisecurity.org – 1-866-787-4722

TLP: CLEAR

https://www.cisa.gov/tlp

Information may be distributed without restriction, subject to standard copyright rules.

Please send all opt out requests to info@cisecurity.org.

This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.

. . . . .